ATTACK [PTsecurity] PHP Object Deserialization RCE POP Chain (Guzzle/RCE1)

SID: 10003494Rev: 20 views
Sourceptresearch/attackdetection
CreatedDecember 13, 2021
UpdatedDecember 13, 2021
Classificationattempted-admin
alert tcp any any -> any any (msg:"ATTACK [PTsecurity] PHP Object Deserialization RCE POP Chain (Guzzle/RCE1)"; flow:established; content:"GuzzleHttp"; content:"Psr7"; distance:0; content:"FnStream"; distance:0; content:"close"; distance:0; content:"GuzzleHttp"; distance:0; content:"HandlerStack"; distance:0; content:"resolve"; distance:0; reference:url, github.com/ambionics/phpggc; classtype:attempted-admin; reference:url, github.com/ptresearch/AttackDetection; sid:10003494; rev:2;)

References

urlgithub.com/ambionics/phpggc
urlgithub.com/ptresearch/AttackDetection

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!